HTTP: Microsoft Internet Explorer CDO Protocol URI in Web Page
This signature detects attempts to exploit a known vulnerability in Internet Explorer. An attacker can create a malicious Web site containing Web pages with CDO URIs, which if accessed by a victim, allows the attacker to gain control of the victims client browser. Note: CDO URIs are used as part of the Microsoft Office collaboration and their use may not be indicative of malicious activity.
Extended Description
Microsoft Office is prone to a cross-site scripting vulnerability that arises because the software fails to handle specially crafted CDO protocol URIs in a proper manner. Successfully exploiting this issue may allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Office XP Service Pack 3 is vulnerable.
Affected Products
Microsoft office_xp
References
CVE: CVE-2008-4020
Short Name
HTTP:STC:IE:CDO-IN-HEADER
Severity
Info
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CDO CVE-2008-4020 Explorer Internet Microsoft Page Protocol URI Web in
Release Date
10/14/2008
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Rarely
Vendors
Microsoft
CVSS Score
4.3